smokeloader | 2ede8f142a56ef2d1fc00edbcc1344cbfb82c340165e664b1da2549b325a0f2d | Triage

Sharing

General

Target

2ede8f142a56ef2d1fc00edbcc1344cbfb82c340165e664b1da2549b325a0f2d
Size

326KB
Sample

240504-nxf81afg82
MD5

00877aba527b927bf4e713aa69fd97f0
SHA1

1c5777331dd3ec6e195e01b2d949e74f7a87d8af
SHA256

2ede8f142a56ef2d1fc00edbcc1344cbfb82c340165e664b1da2549b325a0f2d
SHA512

471e6fa4775161fe83065ba2d6aa08312293da623b97297a02e4e9203a9d639bee5db078ae07b16aadfaeef301399ba18f40f55ba07e22f12d2d734391d05774
SSDEEP

6144:tfymhz40SKHBko1HSOVrRheqv46O8b/a:tfjz40S8XHrVrRoNWb/a

Score

10^/10

smokeloader pub1 backdoor trojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Targets

- Target
  
  2ede8f142a56ef2d1fc00edbcc1344cbfb82c340165e664b1da2549b325a0f2d
- Size
  
  326KB
- MD5
  
  00877aba527b927bf4e713aa69fd97f0
- SHA1
  
  1c5777331dd3ec6e195e01b2d949e74f7a87d8af
- SHA256
  
  2ede8f142a56ef2d1fc00edbcc1344cbfb82c340165e664b1da2549b325a0f2d
- SHA512
  
  471e6fa4775161fe83065ba2d6aa08312293da623b97297a02e4e9203a9d639bee5db078ae07b16aadfaeef301399ba18f40f55ba07e22f12d2d734391d05774
- SSDEEP
  
  6144:tfymhz40SKHBko1HSOVrRheqv46O8b/a:tfjz40S8XHrVrRoNWb/a
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

behavioral2

smokeloaderpub1backdoortrojan